How can you be sure that a TxIn is not taken out of a transaction and put into another? Is this a flaw, or is there some kind of mechanism that prevents that?

A simple attack scenario:
1. Put a lot of your clients on the network (with different IPs), so you are sure that you can isolate another client.
2. When the isolated client makes a Tx, it transmits it to you.
3. With the Tx you extract the TxIns and put them in a new Tx that sends it all to you. You can do that because there is no protection.
4. Wait for it to be included in a block.
5. PROFIT!

Is this possible? It is a BIG BIG flaw if it's real!

"The whole problem with the world is that fools and fanatics are always so certain of themselves and wiser people so full of doubts." -Bertrand Russell


Try it, and you will find that it doesn't work in practice, even if it is theoretically possible. Most likely you won't even be able to isolate a client in order to actually steal from its transactions in the first place. In any case, this is an attack upon a particular user of Bitcoin, not a flaw in the system itself. This kind of theft attack would only affect one user.

As you describe it, the modified transaction would fail a validity check anyway because the transaction must be hashed as a whole after being 'signed' by the sender's private key, which you don't have. If you cannot sign the modified transaction, the transaction would fail on that point.

"The powers of financial capitalism had another far-reaching aim, nothing less than to create a world system of financial control in private hands able to dominate the political system of each country and the economy of the world as a whole. This system was to be controlled in a feudalist fashion by the central banks of the world acting in concert, by secret agreements arrived at in frequent meetings and conferences. The apex of the systems was to be the Bank for International Settlements in Basel, Switzerland, a private bank owned and controlled by the world's central banks which were themselves private corporations. Each central bank...sought to dominate its government by its ability to control Treasury loans, to manipulate foreign exchanges, to influence the level of economic activity in the country, and to influence cooperative politicians by subsequent economic rewards in the business world."


What I can read from the source and the wiki is: it is not the whole transaction that is signed, only the TxIns.

It's like signing "I would like to give some BTCs away".



Hmmm, I see what you are saying. Good eye. This might be a possible exploit, indeed. You deserve kudos if this is true. This could be fixed by requiring that the transaction as a whole be signed by the first input's private key. This would still require absolute isolation to work consistently, but might work often enough, by forcing a double-spend-type event, to be a worthwhile criminal endeavor.

Gavin, thoughts?


And the confidence in the Bitcoin system increases by one Brownie point.



The documentation is somewhat unclear. What gets signed is the entire transaction, with all the input scripts nulled except the one that is being signed, which is replaced by the output script it references containing the OP_CHECKSIG, with the hashtype appended to the end as an int.

So the only thing you could change without making the signature invalid is the input script. Who the money goes to and where it comes from gets signed, which is the stuff that matters. So you can't change that, and all you could do by modifying the input script is make it fail, in which case the transaction would be tossed.
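The signing rule described in this last reply, applied to the scenario from the first post, as an added example (not code from the thread or from the Bitcoin client): a minimal Python model of the legacy SIGHASH_ALL digest, with constructed transaction data, showing that copying a TxIn into a transaction with different outputs changes the digest the signature was made over, while changing only the scriptSig leaves it unchanged.

```python
import hashlib

SIGHASH_ALL = 1  # hash type, appended to the preimage as a 4-byte little-endian int

def varint(n: int) -> bytes:
    # Bitcoin CompactSize encoding (sufficient for the sizes used here)
    return bytes([n]) if n < 0xFD else b"\xfd" + n.to_bytes(2, "little")

def serialize(version: int, vin: list, vout: list, locktime: int) -> bytes:
    # Legacy (pre-segwit) wire format. vin items: (prev_txid, prev_index, script_sig, sequence);
    # vout items: (value_in_satoshis, script_pubkey).
    out = version.to_bytes(4, "little", signed=True) + varint(len(vin))
    for txid, idx, script_sig, seq in vin:
        out += txid + idx.to_bytes(4, "little") + varint(len(script_sig)) + script_sig
        out += seq.to_bytes(4, "little")
    out += varint(len(vout))
    for value, spk in vout:
        out += value.to_bytes(8, "little", signed=True) + varint(len(spk)) + spk
    return out + locktime.to_bytes(4, "little")

def sighash_all(vin: list, vout: list, index: int, spent_spk: bytes, version=1, locktime=0) -> bytes:
    # Digest that input `index` signs: every scriptSig emptied, the signed input's scriptSig
    # replaced by the scriptPubKey it spends, hashtype appended, then double SHA-256.
    # Prevouts, outputs, version and locktime are all inside the preimage; scriptSigs are not.
    blanked = [(txid, idx, spent_spk if i == index else b"", seq)
               for i, (txid, idx, _, seq) in enumerate(vin)]
    preimage = serialize(version, blanked, vout, locktime) + SIGHASH_ALL.to_bytes(4, "little")
    return hashlib.sha256(hashlib.sha256(preimage).digest()).digest()

def p2pkh(key_hash: bytes) -> bytes:
    # OP_DUP OP_HASH160 <20-byte hash> OP_EQUALVERIFY OP_CHECKSIG
    return b"\x76\xa9\x14" + key_hash + b"\x88\xac"

# Constructed sample data (not real chain data): the victim pays a merchant; the attacker
# copies the very same TxIn into a transaction whose single output pays the attacker instead.
SPENT_SPK = p2pkh(b"\x11" * 20)                         # script of the coin being spent
COIN = (b"\xaa" * 32, 0, b"<sig><pubkey>", 0xFFFFFFFF)  # the TxIn the victim broadcasts
VICTIM_OUT = [(50_000, p2pkh(b"\x22" * 20))]
ATTACKER_OUT = [(50_000, p2pkh(b"\x33" * 20))]

def moved_input_keeps_signature() -> bool:
    # False: the outputs differ, so the victim's signature covers a different message
    return sighash_all([COIN], VICTIM_OUT, 0, SPENT_SPK) == sighash_all([COIN], ATTACKER_OUT, 0, SPENT_SPK)

def script_sig_change_keeps_signature() -> bool:
    # True: the scriptSig is the one field outside the preimage, as the last reply explains
    tampered = (COIN[0], COIN[1], b"garbage", COIN[3])
    return sighash_all([COIN], VICTIM_OUT, 0, SPENT_SPK) == sighash_all([tampered], VICTIM_OUT, 0, SPENT_SPK)
```

A node verifying the attacker's transaction would recompute the digest from that transaction's own outputs and find the copied signature does not match it, so the transaction is rejected exactly as the reply says.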